Búsqueda de    
Vulnerabilidad   
    Buscar 211766 Descripciones CVE y
97459 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2020.2575.1
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2020:2575-1)
Resumen:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:2575-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2020:2575-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup
(bsc#1165629).

CVE-2020-14314: Fixed a potential negative array index in do_split()
(bsc#1173798).

CVE-2020-14356: Fixed a null pointer dereference in cgroupv2 subsystem
which could have led to privilege escalation (bsc#1175213).

CVE-2020-14331: Fixed a missing check in vgacon scrollback handling
(bsc#1174205).

CVE-2020-16166: Fixed a potential issue which could have allowed remote
attackers to make observations that help to obtain sensitive information
about the internal state of the network RNG (bsc#1174757).

CVE-2020-24394: Fixed an issue which could set incorrect permissions on
new filesystem objects when the filesystem lacks ACL support
(bsc#1175518).

CVE-2020-10135: Legacy pairing and secure-connections pairing
authentication Bluetooth might have allowed an unauthenticated user to
complete authentication without pairing credentials via adjacent access
(bsc#1171988).

CVE-2020-14386: Fixed a potential local privilege escalation via memory
corruption (bsc#1176069).

The following non-security bugs were fixed:

ACPI: kABI fixes for subsys exports (bsc#1174968).

ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq
(bsc#1174968).

ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for
hibernate (bsc#1174968).

ACPI: PM: Introduce 'poweroff' callbacks for ACPI PM domain and LPSS
(bsc#1174968).

ACPI: PM: Simplify and fix PM domain hibernation callbacks (bsc#1174968).

af_key: pfkey_dump needs parameter validation (git-fixes).

agp/intel: Fix a memory leak on module initialisation failure
(git-fixes).

ALSA: core: pcm_iec958: fix kernel-doc (bsc#1111666).

ALSA: echoaduio: Drop superfluous volatile modifier (bsc#1111666).

ALSA: echoaudio: Fix potential Oops in snd_echo_resume() (bsc#1111666).

ALSA: hda: Add support for Loongson 7A1000 controller (bsc#1111666).

ALSA: hda/ca0132 - Add new quirk ID for Recon3D (bsc#1111666).

ALSA: hda/ca0132 - Fix AE-5 microphone selection commands (bsc#1111666).

ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value
(bsc#1111666).

ALSA: hda: fix NULL pointer dereference during suspend (git-fixes).

ALSA: hda: fix snd_hda_codec_cleanup() documentation (bsc#1111666).

ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO
(bsc#1111666).

ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops
(bsc#1111666).

ALSA: hda/realtek: Add model alc298-samsung-headphone (git-fixes).

ALSA: hda/realtek: Add mute LED and micmute LED support for HP systems
(bsc#1111666).

ALSA: hda/realtek - Add quirk for Lenovo Carbon X1 8th gen (bsc#1111666).

ALSA: hda/realtek - Add quirk for MSI GE63 laptop (bsc#1111666).

ALSA: hda/realtek - Add quirk for MSI GL63 (bsc#1111666).

ALSA: ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Workstation Extension 15-SP1, SUSE Linux Enterprise Module for Legacy Software 15-SP1, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Basesystem 15-SP1, SUSE Linux Enterprise High Availability 15-SP1

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-1749
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1749
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 97459 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2021 E-Soft Inc. Todos los derechos reservados.